CVE-2012-0381
Last modified
CVE-2012-0381 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429.. EPSS estimates a 3.85% chance of exploitation in the next 30 days.
Description
The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.0 |
| Cisco | Ios | 12.2 |
| Cisco | Ios | 12.2\(1\) |
| Cisco | Ios | 12.2\(1\)dx |
| Cisco | Ios | 12.2\(1\)s |
| Cisco | Ios | 12.2\(1\)t |
| Cisco | Ios | 12.2\(1\)xa |
| Cisco | Ios | 12.2\(1\)xd |
| Cisco | Ios | 12.2\(1\)xd1 |
| Cisco | Ios | 12.2\(1\)xd3 |
| Cisco | Ios | 12.2\(1\)xd4 |
| Cisco | Ios | 12.2\(1\)xe |
| Cisco | Ios | 12.2\(1\)xe2 |
| Cisco | Ios | 12.2\(1\)xe3 |
| Cisco | Ios | 12.2\(1\)xh |
| Cisco | Ios | 12.2\(1\)xq |
| Cisco | Ios | 12.2\(1\)xs |
| Cisco | Ios | 12.2\(1\)xs1 |
| Cisco | Ios | 12.2\(1.1\) |
| Cisco | Ios | 12.2\(1.1\)pi |
| Cisco | Ios | 12.2\(1.4\)s |
| Cisco | Ios | 12.2\(1b\) |
| Cisco | Ios | 12.2\(1b\)da1 |
| Cisco | Ios | 12.2\(1d\) |
| Cisco | Ios | 12.2\(2\)b |
| Cisco | Ios | 12.2\(2\)bx |
| Cisco | Ios | 12.2\(2\)by |
| Cisco | Ios | 12.2\(2\)by2 |
| Cisco | Ios | 12.2\(2\)dd3 |
| Cisco | Ios | 12.2\(2\)t |
| Cisco | Ios | 12.2\(2\)t1 |
| Cisco | Ios | 12.2\(2\)t4 |
| Cisco | Ios | 12.2\(2\)xa |
| Cisco | Ios | 12.2\(2\)xa1 |
| Cisco | Ios | 12.2\(2\)xa5 |
| Cisco | Ios | 12.2\(2\)xb |
| Cisco | Ios | 12.2\(2\)xb3 |
| Cisco | Ios | 12.2\(2\)xb4 |
| Cisco | Ios | 12.2\(2\)xb11 |
| Cisco | Ios | 12.2\(2\)xb14 |
| Cisco | Ios | 12.2\(2\)xb15 |
| Cisco | Ios | 12.2\(2\)xc1 |
| Cisco | Ios | 12.2\(2\)xf |
| Cisco | Ios | 12.2\(2\)xg |
| Cisco | Ios | 12.2\(2\)xh |
| Cisco | Ios | 12.2\(2\)xh2 |
| Cisco | Ios | 12.2\(2\)xh3 |
| Cisco | Ios | 12.2\(2\)xi |
| Cisco | Ios | 12.2\(2\)xi1 |
| Cisco | Ios | 12.2\(2\)xi2 |
Showing 50 of 758 affected configurations. See NVD for the full list.
References
- http://osvdb.org/80700Broken Link
- http://secunia.com/advisories/48605Not Applicable
- http://secunia.com/advisories/48607Not Applicable
- http://www.securityfocus.com/bid/52757Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id?1026863Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74427Third Party Advisory, VDB Entry
- http://osvdb.org/80700Broken Link
- http://secunia.com/advisories/48605Not Applicable
- http://secunia.com/advisories/48607Not Applicable
- http://www.securityfocus.com/bid/52757Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id?1026863Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74427Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-0381?
How severe is CVE-2012-0381?
How do I fix CVE-2012-0381?
Are you affected by CVE-2012-0381?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST